<?php

/*
 * File: shoutbox.php
 * Descrizione: Corpo della shoutbox.
*/

// Avvia una nuova sessione o riprende una sessione gi� creata
session_start();

// Include i file necessari
include('inc/config.inc.php');
include('inc/template.inc.php');
include('inc/db.inc.php');
include('inc/check.inc.php');

// Variabili
$query1 = "SELECT msg_user, msg_text FROM shoutbox WHERE msg_time > (NOW() - INTERVAL 30 MINUTE) ORDER BY msg_time ASC";
$action = (isset($_GET['act']))? $_GET['act'] : '';

// Se � stato scritto un messaggio lo inserisce nel database
if(isset($_POST['sb']) != "") {
	// Variabili
	$uid = $_SESSION['uid'];
	$msg = mysqli_real_escape_string($db, $_POST['sb']);
	$query = "INSERT INTO shoutbox (msg_id, msg_user, msg_text, msg_time) VALUES(NULL, '$uid', '$msg', NOW())";
	
	// Aggiorna l'ora nel database
	$db->query($query);
}

if($_SESSION['master'] == 1)
{
	$refresh = '<div class="panel-heading text-right" style="padding: 0.3em;"><a href="shoutbox.php?act=delete" class="btn btn-default" target="_self"><b class="glyphicon glyphicon-trash"></b></a></div>';
	$content = '<div class="panel-body" style="height: 200px; font-size: 0.8em; overflow: auto;">';
} else {
	$refresh = '';
	$content = '<div class="panel-body" style="height: 200px; font-size: 0.8em; overflow: auto;">';
}

// Recupera i messaggi
if($results1 = $db->query($query1)) {

	while($row1 = $results1->fetch_assoc()) {
		// Variabili
		$user_id = htmlentities($row1['msg_user']);
		$msg = trim($row1['msg_text']);
		$cmd = $msg{0};
		// Account
			$query = "SELECT account_id FROM users WHERE user_id = '$user_id'";
			if($results = $db->query($query)) {
			$row = $results->fetch_assoc();
			$account_id = $row['account_id'];
			}
		switch($cmd) {
		case "*":
			// Variabili
			$query2 = "SELECT account_master FROM accounts WHERE account_id = '$account_id'";

			// Recupera i dati
			if($results2 = $db->query($query2)) {
				$row2 = $results2->fetch_assoc();
				if($row2['account_master'] == 1) {
					$content .= '<strong><div align="center">';
					$content .= htmlentities(substr($msg, 1));
					$content .= '</strong></div>';
				}
				$results2->close();
			}

			break;
		
		default:
			// Variabili
			$query4 = "SELECT user_name FROM users WHERE user_id = '$user_id'";

			$content .= '<div>';

			// Recupera i dati del Personaggio
			if($results4 = $db->query($query4)) {
				$row4 = $results4->fetch_assoc();
				$content .= '<strong>';
				$content .= '<a href="avatar.php?id='.$user_id.'" target="main">'.htmlentities($row4['user_name']).' </a> : ';
				$content .= '</strong>';
				$results4->close();
			}

			$content .= htmlentities($msg);
			$content .= '</div>';

			break;
		}

	}
	$content .= '</div>';
	// Se l'azione da eseguire � cancella, svuota la shoutbox.
	if ($action == 'delete')
	{
		$db -> query("TRUNCATE shoutbox");
	}


	// Lista delle tag speciali
	$tags = array('temp_title' => $g_name, 'temp_content' => $content, 'temp_refresh' => $refresh);

	// Carica il template e formatta le tag speciali
	$temp = new template('style/shoutbox.template.html');
	$temp->replace($tags);

	// Visualizza l'output
	echo $temp->show();

	$results1->close();
}

// Chiude la connessione al database
$db->close();

?>